Bug#627884: ssldump segfaults when decoding some unknown enumerated values

Wed, 25 May 2011 01:18:33 -0700 

Package: ssldump
Version: 0.9b3-4
Severity: important
Tags: patch upstream


ssldump segfaults when decoding some unknown enumerated values
because decoder tables end with 0 instead of -1 expected by
table search routines

-- System Information:
Debian Release: 6.0.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ssldump depends on:
ii  libc6                   2.11.2-10        Embedded GNU C Library: Shared lib
ii  libpcap0.8              1.1.1-2          system interface for user-level pa
ii  libssl0.9.8             0.9.8o-4squeeze1 SSL shared libraries

ssldump recommends no packages.

Versions of packages ssldump suggests:
ii  tcpdump                       4.1.1-1    A powerful tool for network monito

diff -urNad ssldump-0.9b3~/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c
--- ssldump-0.9b3~/ssl/ssl.enums.c	2001-07-20 18:44:36.000000000 +0200
+++ ssldump-0.9b3/ssl/ssl.enums.c	2011-05-25 09:35:56.000000000 +0200
@@ -151,7 +151,7 @@
 		"application_data",
 		decode_ContentType_application_data
 	},
-{0}
+{-1}
 };
 
 static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data)
@@ -498,7 +498,7 @@
 		"Finished",
 		decode_HandshakeType_Finished
 	},
-{0}
+{-1}
 };
 
 decoder cipher_suite_decoder[]={
@@ -728,7 +728,7 @@
 		"fatal",
 		decode_AlertLevel_fatal
 	},
-{0}
+{-1}
 };
 
 static int decode_AlertDescription_close_notify(ssl,dir,seg,data)
@@ -1031,7 +1031,7 @@
 		"no_renegotiation",
 		decode_AlertDescription_no_renegotiation
 	},
-{0}
+{-1}
 };
 
 decoder compression_method_decoder[]={
@@ -1095,6 +1095,6 @@
 		"dss_fixed_dh",
 		decode_client_certificate_type_dss_fixed_dh
 	},
-{0}
+{-1}
 };
 
diff -urNad ssldump-0.9b3~/ssl/ssl_enum.c ssldump-0.9b3/ssl/ssl_enum.c
--- ssldump-0.9b3~/ssl/ssl_enum.c	2000-10-09 07:14:02.000000000 +0200
+++ ssldump-0.9b3/ssl/ssl_enum.c	2011-05-25 09:37:04.000000000 +0200
@@ -70,7 +70,7 @@
 		"application_data",
 		decode_ContentType_application_data
 	},
-{0}
+{-1}
 };
 
 static int decode_HandshakeType_hello_request(ssl,dir,seg,data)
@@ -260,7 +260,7 @@
 		"finished",
 		decode_HandshakeType_finished
 	},
-{0}
+{-1}
 };
 
 decoder cipher_suite_decoder[]={

Reply via email to